diff --git a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp index 69a3a9dabb4..2d38473aac0 100644 --- a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp @@ -382,10 +382,12 @@ class ECCVMFlavor; class UltraKeccakFlavor; class MegaFlavor; class TranslatorFlavor; +class AvmFlavor; template class UltraRecursiveFlavor_; template class MegaRecursiveFlavor_; template class TranslatorRecursiveFlavor_; template class ECCVMRecursiveFlavor_; +template class AvmRecursiveFlavor_; } // namespace bb // Forward declare plonk flavors @@ -437,7 +439,8 @@ MegaRecursiveFlavor_, TranslatorRecursiveFlavor_, TranslatorRecursiveFlavor_, TranslatorRecursiveFlavor_, -ECCVMRecursiveFlavor_>; +ECCVMRecursiveFlavor_, +AvmRecursiveFlavor_>; template concept IsECCVMRecursiveFlavor = IsAnyOf>; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_flavor.hpp index 7f22b00333c..eaddea77f9d 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_flavor.hpp @@ -66,7 +66,6 @@ template class ECCVMRecursiveFlavor_ { // define the containers for storing the contributions from each relation in Sumcheck using TupleOfArraysOfValues = decltype(create_tuple_of_arrays_of_values()); - public: /** * @brief A field element for each entity of the flavor. These entities represent the prover polynomials * evaluated at one point. diff --git a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp index fe47fd9469d..eeb04cddc99 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp @@ -16,7 +16,6 @@ ECCVMRecursiveVerifier_::ECCVMRecursiveVerifier_( /** * @brief This function verifies an ECCVM Honk proof for given program settings up to sumcheck. */ -// TODO(https://github.com/AztecProtocol/barretenberg/issues/1007): Finish this template void ECCVMRecursiveVerifier_::verify_proof(const HonkProof& proof) { using Curve = typename Flavor::Curve; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.hpp b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.hpp index 9e536047778..6a590ebba40 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.hpp @@ -24,7 +24,6 @@ template class ECCVMRecursiveVerifier_ { void verify_proof(const HonkProof& proof); std::shared_ptr key; - std::map commitments; Builder* builder; std::shared_ptr transcript; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.hpp b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.hpp index 701d741c6b2..3e46be8b412 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.hpp @@ -28,7 +28,6 @@ template class DeciderRecursiveVerifier_ { PairingPoints verify_proof(const HonkProof& proof); - std::map commitments; std::shared_ptr pcs_verification_key; Builder* builder; std::shared_ptr accumulator; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.hpp b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.hpp index b1ddf11d4ba..2478d999d3c 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.hpp @@ -32,7 +32,6 @@ template class UltraRecursiveVerifier_ { aggregation_state agg_obj); std::shared_ptr key; - std::map commitments; std::shared_ptr pcs_verification_key; Builder* builder; std::shared_ptr transcript; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_flavor.hpp index c8331534405..36f8159dad4 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_flavor.hpp @@ -96,7 +96,6 @@ template class TranslatorRecursiveFlavor_ { // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation // length = 3 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1; - static constexpr size_t BATCHED_RELATION_TOTAL_LENGTH = MAX_TOTAL_RELATION_LENGTH + 1; static constexpr size_t NUM_RELATIONS = std::tuple_size_v; // define the containers for storing the contributions from each relation in Sumcheck diff --git a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp index 87dc4ce806e..ea06cfbdbeb 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp @@ -115,7 +115,7 @@ std::array TranslatorRecursiveVerifier_ class TranslatorRecursiveVerifier_ { BF batching_challenge_v = 0; std::shared_ptr key; - std::map commitments; std::shared_ptr transcript; std::shared_ptr pcs_verification_key; // can remove maybe hopefully Builder* builder; diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp index 071bd50c675..f614265b156 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp @@ -74,7 +74,6 @@ class MegaFlavor { // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation // length = 3 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1; - static constexpr size_t BATCHED_RELATION_TOTAL_LENGTH = MAX_TOTAL_RELATION_LENGTH + 1; static constexpr size_t NUM_RELATIONS = std::tuple_size_v; // The total number of witnesses including shifts and derived entities. static constexpr size_t NUM_ALL_WITNESS_ENTITIES = 23; diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_recursive_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_recursive_flavor.hpp index 8d105adb10b..388de27414f 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_recursive_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_recursive_flavor.hpp @@ -66,7 +66,6 @@ template class MegaRecursiveFlavor_ { // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation // length = 3 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1; - static constexpr size_t BATCHED_RELATION_TOTAL_LENGTH = MAX_TOTAL_RELATION_LENGTH + 1; static constexpr size_t NUM_RELATIONS = std::tuple_size_v; // For instances of this flavour, used in folding, we need a unique sumcheck batching challenge for each diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp index 1acd95d3319..f5d4f58ddd8 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp @@ -81,7 +81,6 @@ class UltraFlavor { // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation // length = 3 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1; - static constexpr size_t BATCHED_RELATION_TOTAL_LENGTH = MAX_TOTAL_RELATION_LENGTH + 1; static constexpr size_t NUM_RELATIONS = std::tuple_size_v; template diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak.hpp index 91f9017893c..add2e13f272 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak.hpp @@ -76,7 +76,6 @@ class UltraKeccakFlavor { // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation // length = 3 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1; - static constexpr size_t BATCHED_RELATION_TOTAL_LENGTH = MAX_TOTAL_RELATION_LENGTH + 1; static constexpr size_t NUM_RELATIONS = std::tuple_size_v; template diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp index 0faaaf60cba..04ff64f28c2 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp @@ -81,7 +81,6 @@ template class UltraRecursiveFlavor_ { // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation // length = 3 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1; - static constexpr size_t BATCHED_RELATION_TOTAL_LENGTH = MAX_TOTAL_RELATION_LENGTH + 1; static constexpr size_t NUM_RELATIONS = std::tuple_size::value; // For instances of this flavour, used in folding, we need a unique sumcheck batching challenges for each @@ -93,7 +92,6 @@ template class UltraRecursiveFlavor_ { // define the container for storing the univariate contribution from each relation in Sumcheck using TupleOfArraysOfValues = decltype(create_tuple_of_arrays_of_values()); - public: /** * @brief The verification key is responsible for storing the commitments to the precomputed (non-witnessk) * polynomials used by the verifier. diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp index 22bb710e84a..b1e717caff8 100644 --- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp @@ -100,7 +100,6 @@ class TranslatorFlavor { // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation // length = 3 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1; - static constexpr size_t BATCHED_RELATION_TOTAL_LENGTH = MAX_TOTAL_RELATION_LENGTH + 1; static constexpr size_t NUM_RELATIONS = std::tuple_size_v; // define the containers for storing the contributions from each relation in Sumcheck diff --git a/barretenberg/cpp/src/barretenberg/vm/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/vm/CMakeLists.txt index fc3a02d77dc..2b697200bb0 100644 --- a/barretenberg/cpp/src/barretenberg/vm/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/vm/CMakeLists.txt @@ -1,3 +1,3 @@ if(NOT DISABLE_AZTEC_VM) - barretenberg_module(vm sumcheck) + barretenberg_module(vm sumcheck stdlib_honk_verifier) endif() \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp index e8ca84af006..7fdaf735d4f 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp @@ -2427,26 +2427,6 @@ AvmFlavor::CommitmentLabels::CommitmentLabels() Base::incl_mem_tag_err_counts = "INCL_MEM_TAG_ERR_COUNTS"; }; -AvmFlavor::VerifierCommitments::VerifierCommitments(const std::shared_ptr& verification_key) -{ - byte_lookup_sel_bin = verification_key->byte_lookup_sel_bin; - byte_lookup_table_byte_lengths = verification_key->byte_lookup_table_byte_lengths; - byte_lookup_table_in_tags = verification_key->byte_lookup_table_in_tags; - byte_lookup_table_input_a = verification_key->byte_lookup_table_input_a; - byte_lookup_table_input_b = verification_key->byte_lookup_table_input_b; - byte_lookup_table_op_id = verification_key->byte_lookup_table_op_id; - byte_lookup_table_output = verification_key->byte_lookup_table_output; - gas_base_da_gas_fixed_table = verification_key->gas_base_da_gas_fixed_table; - gas_base_l2_gas_fixed_table = verification_key->gas_base_l2_gas_fixed_table; - gas_dyn_da_gas_fixed_table = verification_key->gas_dyn_da_gas_fixed_table; - gas_dyn_l2_gas_fixed_table = verification_key->gas_dyn_l2_gas_fixed_table; - gas_sel_gas_cost = verification_key->gas_sel_gas_cost; - main_clk = verification_key->main_clk; - main_sel_first = verification_key->main_sel_first; - main_zeroes = verification_key->main_zeroes; - powers_power_of_2 = verification_key->powers_power_of_2; -} - void AvmFlavor::Transcript::deserialize_full_transcript() { size_t num_frs_read = 0; diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp index 376cdd0ff22..30f7aac11ed 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp @@ -147,98 +147,108 @@ class AvmFlavor { // The total number of witnesses including shifts and derived entities. static constexpr size_t NUM_ALL_WITNESS_ENTITIES = NUM_WITNESS_ENTITIES + NUM_SHIFTED_ENTITIES; - using MainRelations = std::tuple< + // Need to be templated for recursive verifier + template + using MainRelations_ = std::tuple< // Relations - Avm_vm::alu, - Avm_vm::binary, - Avm_vm::conversion, - Avm_vm::gas, - Avm_vm::keccakf1600, - Avm_vm::kernel, - Avm_vm::main, - Avm_vm::mem, - Avm_vm::mem_slice, - Avm_vm::pedersen, - Avm_vm::poseidon2, - Avm_vm::range_check, - Avm_vm::sha256>; - - using LookupRelations = std::tuple< + Avm_vm::alu, + Avm_vm::binary, + Avm_vm::conversion, + Avm_vm::gas, + Avm_vm::keccakf1600, + Avm_vm::kernel, + Avm_vm::main, + Avm_vm::mem, + Avm_vm::mem_slice, + Avm_vm::pedersen, + Avm_vm::poseidon2, + Avm_vm::range_check, + Avm_vm::sha256>; + + using MainRelations = MainRelations_; + + // Need to be templated for recursive verifier + template + using LookupRelations_ = std::tuple< // Lookups - incl_main_tag_err_relation, - incl_mem_tag_err_relation, - kernel_output_lookup_relation, - lookup_byte_lengths_relation, - lookup_byte_operations_relation, - lookup_cd_value_relation, - lookup_div_u16_0_relation, - lookup_div_u16_1_relation, - lookup_div_u16_2_relation, - lookup_div_u16_3_relation, - lookup_div_u16_4_relation, - lookup_div_u16_5_relation, - lookup_div_u16_6_relation, - lookup_div_u16_7_relation, - lookup_into_kernel_relation, - lookup_opcode_gas_relation, - lookup_pow_2_0_relation, - lookup_pow_2_1_relation, - lookup_ret_value_relation, - lookup_rng_chk_0_relation, - lookup_rng_chk_1_relation, - lookup_rng_chk_2_relation, - lookup_rng_chk_3_relation, - lookup_rng_chk_4_relation, - lookup_rng_chk_5_relation, - lookup_rng_chk_6_relation, - lookup_rng_chk_7_relation, - lookup_rng_chk_diff_relation, - lookup_rng_chk_pow_2_relation, - lookup_u16_0_relation, - lookup_u16_1_relation, - lookup_u16_10_relation, - lookup_u16_11_relation, - lookup_u16_12_relation, - lookup_u16_13_relation, - lookup_u16_14_relation, - lookup_u16_2_relation, - lookup_u16_3_relation, - lookup_u16_4_relation, - lookup_u16_5_relation, - lookup_u16_6_relation, - lookup_u16_7_relation, - lookup_u16_8_relation, - lookup_u16_9_relation, - lookup_u8_0_relation, - lookup_u8_1_relation, - perm_main_alu_relation, - perm_main_bin_relation, - perm_main_conv_relation, - perm_main_mem_a_relation, - perm_main_mem_b_relation, - perm_main_mem_c_relation, - perm_main_mem_d_relation, - perm_main_mem_ind_addr_a_relation, - perm_main_mem_ind_addr_b_relation, - perm_main_mem_ind_addr_c_relation, - perm_main_mem_ind_addr_d_relation, - perm_main_pedersen_relation, - perm_main_pos2_perm_relation, - perm_main_slice_relation, - perm_pos_mem_read_a_relation, - perm_pos_mem_read_b_relation, - perm_pos_mem_read_c_relation, - perm_pos_mem_read_d_relation, - perm_pos_mem_write_a_relation, - perm_pos_mem_write_b_relation, - perm_pos_mem_write_c_relation, - perm_pos_mem_write_d_relation, - perm_rng_gas_da_relation, - perm_rng_gas_l2_relation, - perm_rng_mem_relation, - perm_slice_mem_relation>; - - using Relations = tuple_cat_t; + incl_main_tag_err_relation, + incl_mem_tag_err_relation, + kernel_output_lookup_relation, + lookup_byte_lengths_relation, + lookup_byte_operations_relation, + lookup_cd_value_relation, + lookup_div_u16_0_relation, + lookup_div_u16_1_relation, + lookup_div_u16_2_relation, + lookup_div_u16_3_relation, + lookup_div_u16_4_relation, + lookup_div_u16_5_relation, + lookup_div_u16_6_relation, + lookup_div_u16_7_relation, + lookup_into_kernel_relation, + lookup_opcode_gas_relation, + lookup_pow_2_0_relation, + lookup_pow_2_1_relation, + lookup_ret_value_relation, + lookup_rng_chk_0_relation, + lookup_rng_chk_1_relation, + lookup_rng_chk_2_relation, + lookup_rng_chk_3_relation, + lookup_rng_chk_4_relation, + lookup_rng_chk_5_relation, + lookup_rng_chk_6_relation, + lookup_rng_chk_7_relation, + lookup_rng_chk_diff_relation, + lookup_rng_chk_pow_2_relation, + lookup_u16_0_relation, + lookup_u16_1_relation, + lookup_u16_10_relation, + lookup_u16_11_relation, + lookup_u16_12_relation, + lookup_u16_13_relation, + lookup_u16_14_relation, + lookup_u16_2_relation, + lookup_u16_3_relation, + lookup_u16_4_relation, + lookup_u16_5_relation, + lookup_u16_6_relation, + lookup_u16_7_relation, + lookup_u16_8_relation, + lookup_u16_9_relation, + lookup_u8_0_relation, + lookup_u8_1_relation, + perm_main_alu_relation, + perm_main_bin_relation, + perm_main_conv_relation, + perm_main_mem_a_relation, + perm_main_mem_b_relation, + perm_main_mem_c_relation, + perm_main_mem_d_relation, + perm_main_mem_ind_addr_a_relation, + perm_main_mem_ind_addr_b_relation, + perm_main_mem_ind_addr_c_relation, + perm_main_mem_ind_addr_d_relation, + perm_main_pedersen_relation, + perm_main_pos2_perm_relation, + perm_main_slice_relation, + perm_pos_mem_read_a_relation, + perm_pos_mem_read_b_relation, + perm_pos_mem_read_c_relation, + perm_pos_mem_read_d_relation, + perm_pos_mem_write_a_relation, + perm_pos_mem_write_b_relation, + perm_pos_mem_write_c_relation, + perm_pos_mem_write_d_relation, + perm_rng_gas_da_relation, + perm_rng_gas_l2_relation, + perm_rng_mem_relation, + perm_slice_mem_relation>; + + using LookupRelations = LookupRelations_; + + // Need to be templated for recursive verifier + template using Relations_ = tuple_cat_t, LookupRelations_>; + using Relations = Relations_; static constexpr size_t MAX_PARTIAL_RELATION_LENGTH = compute_max_partial_relation_length(); @@ -253,7 +263,6 @@ class AvmFlavor { static constexpr bool has_zero_row = true; - private: template class PrecomputedEntities : public PrecomputedEntitiesBase { public: using DataType = DataType_; @@ -266,6 +275,7 @@ class AvmFlavor { RefVector get_table_polynomials() { return {}; } }; + private: template class WireEntities { public: DEFINE_FLAVOR_MEMBERS(DataType, WIRE_ENTITIES) @@ -287,6 +297,7 @@ class AvmFlavor { return RefArray{ TO_BE_SHIFTED(entities) }; } + public: template class WitnessEntities : public WireEntities, public DerivedWitnessEntities { public: @@ -311,18 +322,15 @@ class AvmFlavor { auto get_precomputed() { return PrecomputedEntities::get_all(); } }; - public: class ProvingKey : public ProvingKeyAvm_, WitnessEntities, CommitmentKey> { public: // Expose constructors on the base class using Base = ProvingKeyAvm_, WitnessEntities, CommitmentKey>; using Base::Base; - auto get_to_be_shifted() { return AvmFlavor::get_to_be_shifted(*this); } }; - // Note(md): required for instantiation from the proving key - im sure there are other ways to construct this class VerificationKey : public VerificationKey_, VerifierCommitmentKey> { public: VerificationKey() = default; @@ -334,6 +342,7 @@ class AvmFlavor { zip_view(proving_key->get_precomputed_polynomials(), this->get_all())) { commitment = proving_key->commitment_key->commit(polynomial); } + pcs_verification_key = std::make_shared(); } VerificationKey(const size_t circuit_size, @@ -344,6 +353,7 @@ class AvmFlavor { for (auto [vk_cmt, cmt] : zip_view(this->get_all(), precomputed_cmts)) { vk_cmt = cmt; } + pcs_verification_key = std::make_shared(); } }; @@ -425,14 +435,37 @@ class AvmFlavor { CommitmentLabels(); }; - class VerifierCommitments : public AllEntities { + // Templated for use in recursive verifier + template + class VerifierCommitments_ : public AllEntities { private: - using Base = AllEntities; + using Base = AllEntities; public: - VerifierCommitments(const std::shared_ptr& verification_key); + VerifierCommitments_(const std::shared_ptr& verification_key) + { + this->byte_lookup_sel_bin = verification_key->byte_lookup_sel_bin; + this->byte_lookup_table_byte_lengths = verification_key->byte_lookup_table_byte_lengths; + this->byte_lookup_table_in_tags = verification_key->byte_lookup_table_in_tags; + this->byte_lookup_table_input_a = verification_key->byte_lookup_table_input_a; + this->byte_lookup_table_input_b = verification_key->byte_lookup_table_input_b; + this->byte_lookup_table_op_id = verification_key->byte_lookup_table_op_id; + this->byte_lookup_table_output = verification_key->byte_lookup_table_output; + this->gas_base_da_gas_fixed_table = verification_key->gas_base_da_gas_fixed_table; + this->gas_base_l2_gas_fixed_table = verification_key->gas_base_l2_gas_fixed_table; + this->gas_dyn_da_gas_fixed_table = verification_key->gas_dyn_da_gas_fixed_table; + this->gas_dyn_l2_gas_fixed_table = verification_key->gas_dyn_l2_gas_fixed_table; + this->gas_sel_gas_cost = verification_key->gas_sel_gas_cost; + this->main_clk = verification_key->main_clk; + this->main_sel_first = verification_key->main_sel_first; + this->main_zeroes = verification_key->main_zeroes; + this->powers_power_of_2 = verification_key->powers_power_of_2; + } }; + // Native version of the verifier commitments + using VerifierCommitments = VerifierCommitments_; + class Transcript : public NativeTranscript { public: uint32_t circuit_size; diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp index cde64c811e4..bd132af86f6 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp @@ -15,13 +15,11 @@ AvmVerifier::AvmVerifier(std::shared_ptr verifier_key) AvmVerifier::AvmVerifier(AvmVerifier&& other) noexcept : key(std::move(other.key)) - , pcs_verification_key(std::move(other.pcs_verification_key)) {} AvmVerifier& AvmVerifier::operator=(AvmVerifier&& other) noexcept { key = other.key; - pcs_verification_key = other.pcs_verification_key; commitments.clear(); return *this; } @@ -145,11 +143,11 @@ bool AvmVerifier::verify_proof(const HonkProof& proof, claimed_evaluations.get_unshifted(), claimed_evaluations.get_shifted(), multivariate_challenge, - pcs_verification_key.get_g1_identity(), + key->pcs_verification_key->get_g1_identity(), transcript); auto pairing_points = PCS::reduce_verify(opening_claim, transcript); - auto verified = pcs_verification_key.pairing_check(pairing_points[0], pairing_points[1]); + auto verified = key->pcs_verification_key->pairing_check(pairing_points[0], pairing_points[1]); return sumcheck_verified.value() && verified; } diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.hpp index 09569deff31..de4dd7acc24 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.hpp @@ -16,7 +16,7 @@ class AvmVerifier { using Transcript = Flavor::Transcript; public: - explicit AvmVerifier(std::shared_ptr verifier_key = nullptr); + explicit AvmVerifier(std::shared_ptr verifier_key); AvmVerifier(AvmVerifier&& other) noexcept; AvmVerifier(const AvmVerifier& other) = delete; @@ -27,7 +27,6 @@ class AvmVerifier { std::shared_ptr key; std::map commitments; - VerifierCommitmentKey pcs_verification_key; std::shared_ptr transcript; }; diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_flavor.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_flavor.hpp new file mode 100644 index 00000000000..85eda197acb --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_flavor.hpp @@ -0,0 +1,74 @@ +#pragma once +#include "barretenberg/flavor/flavor.hpp" +#include "barretenberg/stdlib/transcript/transcript.hpp" +#include "barretenberg/stdlib_circuit_builders/ultra_circuit_builder.hpp" +#include "barretenberg/vm/avm/generated/flavor.hpp" + +namespace bb { + +template class AvmRecursiveFlavor_ { + public: + using CircuitBuilder = BuilderType; + using Curve = stdlib::bn254; + using PCS = KZG; + using GroupElement = typename Curve::Element; + using Commitment = typename Curve::AffineElement; + using FF = typename Curve::ScalarField; + using BF = typename Curve::BaseField; + + using NativeFlavor = AvmFlavor; + using NativeVerificationKey = NativeFlavor::VerificationKey; + + // Native one is used! + using VerifierCommitmentKey = NativeFlavor::VerifierCommitmentKey; + + using Relations = AvmFlavor::Relations_; + + static constexpr size_t NUM_WIRES = NativeFlavor::NUM_WIRES; + static constexpr size_t NUM_ALL_ENTITIES = NativeFlavor::NUM_ALL_ENTITIES; + static constexpr size_t NUM_PRECOMPUTED_ENTITIES = NativeFlavor::NUM_PRECOMPUTED_ENTITIES; + static constexpr size_t NUM_WITNESS_ENTITIES = NativeFlavor::NUM_WITNESS_ENTITIES; + + static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = NativeFlavor::BATCHED_RELATION_PARTIAL_LENGTH; + static constexpr size_t NUM_RELATIONS = std::tuple_size_v; + + using RelationSeparator = FF; + + // This flavor would not be used with ZK Sumcheck + static constexpr bool HasZK = false; + + // define the containers for storing the contributions from each relation in Sumcheck + using TupleOfArraysOfValues = decltype(create_tuple_of_arrays_of_values()); + + /** + * @brief A field element for each entity of the flavor. These entities represent the prover polynomials + * evaluated at one point. + */ + class AllValues : public AvmFlavor::AllEntities { + public: + using Base = AvmFlavor::AllEntities; + using Base::Base; + }; + + class VerificationKey : public VerificationKey_, VerifierCommitmentKey> { + public: + VerificationKey(CircuitBuilder* builder, const std::shared_ptr& native_key) + { + this->pcs_verification_key = native_key->pcs_verification_key; + this->circuit_size = native_key->circuit_size; + this->log_circuit_size = numeric::get_msb(this->circuit_size); + this->num_public_inputs = native_key->num_public_inputs; + + for (auto [native_comm, comm] : zip_view(native_key->get_all(), this->get_all())) { + comm = Commitment::from_witness(builder, native_comm); + } + } + }; + + using WitnessCommitments = AvmFlavor::WitnessEntities; + using CommitmentLabels = AvmFlavor::CommitmentLabels; + using VerifierCommitments = AvmFlavor::VerifierCommitments_; + using Transcript = bb::BaseTranscript>; +}; + +} // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp new file mode 100644 index 00000000000..bd5129a50d5 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp @@ -0,0 +1,94 @@ +#include "barretenberg/vm/avm/recursion/avm_recursive_verifier.hpp" +#include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp" +#include "barretenberg/transcript/transcript.hpp" + +namespace bb { + +template +AvmRecursiveVerifier_::AvmRecursiveVerifier_( + Builder* builder, const std::shared_ptr& native_verification_key) + : key(std::make_shared(builder, native_verification_key)) + , builder(builder) +{} + +template +AvmRecursiveVerifier_::AvmRecursiveVerifier_(Builder* builder, const std::shared_ptr& vkey) + : key(vkey) + , builder(builder) +{} + +// TODO(#991): (see https://github.com/AztecProtocol/barretenberg/issues/991) +template +std::array AvmRecursiveVerifier_::verify_proof(const HonkProof& proof) +{ + using Curve = typename Flavor::Curve; + using Zeromorph = ZeroMorphVerifier_; + using PCS = typename Flavor::PCS; + using VerifierCommitments = typename Flavor::VerifierCommitments; + using CommitmentLabels = typename Flavor::CommitmentLabels; + using RelationParams = ::bb::RelationParameters; + using Transcript = typename Flavor::Transcript; + + StdlibProof stdlib_proof = bb::convert_proof_to_witness(builder, proof); + transcript = std::make_shared(stdlib_proof); + + RelationParams relation_parameters; + VerifierCommitments commitments{ key }; + CommitmentLabels commitment_labels; + + const auto circuit_size = transcript->template receive_from_prover("circuit_size"); + if (static_cast(circuit_size.get_value()) != key->circuit_size) { + throw_or_abort("AvmRecursiveVerifier::verify_proof: proof circuit size does not match verification key!"); + } + + // Get commitments to VM wires + for (auto [comm, label] : zip_view(commitments.get_wires(), commitment_labels.get_wires())) { + comm = transcript->template receive_from_prover(label); + } + + auto [beta, gamma] = transcript->template get_challenges("beta", "gamma"); + relation_parameters.beta = beta; + relation_parameters.gamma = gamma; + + // Get commitments to inverses + for (auto [label, commitment] : zip_view(commitment_labels.get_derived(), commitments.get_derived())) { + commitment = transcript->template receive_from_prover(label); + } + + // unconstrained + const size_t log_circuit_size = numeric::get_msb(static_cast(circuit_size.get_value())); + auto sumcheck = SumcheckVerifier(log_circuit_size, transcript); + + FF alpha = transcript->template get_challenge("Sumcheck:alpha"); + + auto gate_challenges = std::vector(log_circuit_size); + for (size_t idx = 0; idx < log_circuit_size; idx++) { + gate_challenges[idx] = transcript->template get_challenge("Sumcheck:gate_challenge_" + std::to_string(idx)); + } + + // No need to constrain that sumcheck_verified is true as this is guaranteed by the implementation of + // when called over a "circuit field" types. + auto [multivariate_challenge, claimed_evaluations, sumcheck_verified] = + sumcheck.verify(relation_parameters, alpha, gate_challenges); + + vinfo("verified sumcheck: ", (sumcheck_verified.has_value() && sumcheck_verified.value())); + + auto opening_claim = Zeromorph::verify(circuit_size, + commitments.get_unshifted(), + commitments.get_to_be_shifted(), + claimed_evaluations.get_unshifted(), + claimed_evaluations.get_shifted(), + multivariate_challenge, + Commitment::one(builder), + transcript); + + auto pairing_points = PCS::reduce_verify(opening_claim, transcript); + + return pairing_points; + + // Probably we will have to return an aggregation object (see ultra_recursive_verifier.cpp) once we interface + // with noir for public_kernel integration. Follow, the same recipe as in ultra_recursive_verifier.cpp in this case. +} + +template class AvmRecursiveVerifier_>; +} // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.hpp new file mode 100644 index 00000000000..7c130c7152d --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.hpp @@ -0,0 +1,33 @@ +#pragma once +#include "barretenberg/sumcheck/sumcheck.hpp" +#include "barretenberg/vm/avm/recursion/avm_recursive_flavor.hpp" + +namespace bb { +template class AvmRecursiveVerifier_ { + using FF = typename Flavor::FF; + using BF = typename Flavor::BF; + using Curve = typename Flavor::Curve; + using Commitment = typename Flavor::Commitment; + using CommitmentLabels = typename Flavor::CommitmentLabels; + using RelationSeparator = typename Flavor::RelationSeparator; + + using VerificationKey = typename Flavor::VerificationKey; + + using NativeVerificationKey = typename Flavor::NativeVerificationKey; + using Builder = typename Flavor::CircuitBuilder; + using PCS = typename Flavor::PCS; + using Transcript = bb::BaseTranscript>; + using VerifierCommitments = typename Flavor::VerifierCommitments; + + public: + explicit AvmRecursiveVerifier_(Builder* builder, + const std::shared_ptr& native_verification_key); + explicit AvmRecursiveVerifier_(Builder* builder, const std::shared_ptr& vkey); + + std::array verify_proof(const HonkProof& proof); + + std::shared_ptr key; + Builder* builder; + std::shared_ptr transcript; +}; +} // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.test.cpp new file mode 100644 index 00000000000..9f2b10185bf --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.test.cpp @@ -0,0 +1,126 @@ +#include "barretenberg/vm/avm/recursion/avm_recursive_verifier.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" +#include "barretenberg/numeric/random/engine.hpp" +#include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp" +#include "barretenberg/sumcheck/instance/prover_instance.hpp" +#include "barretenberg/ultra_honk/ultra_prover.hpp" +#include "barretenberg/ultra_honk/ultra_verifier.hpp" +#include "barretenberg/vm/avm/generated/circuit_builder.hpp" +#include "barretenberg/vm/avm/generated/composer.hpp" +#include "barretenberg/vm/avm/recursion/avm_recursive_flavor.hpp" +#include "barretenberg/vm/avm/tests/helpers.test.hpp" +#include "barretenberg/vm/avm/trace/common.hpp" +#include "barretenberg/vm/avm/trace/helper.hpp" +#include "barretenberg/vm/avm/trace/trace.hpp" +#include + +namespace tests_avm { + +using namespace bb; +using namespace bb::avm_trace; + +class AvmRecursiveTests : public ::testing::Test { + public: + using RecursiveFlavor = AvmRecursiveFlavor_; + + using InnerFlavor = typename RecursiveFlavor::NativeFlavor; + using InnerBuilder = AvmCircuitBuilder; + using InnerProver = AvmProver; + using InnerVerifier = AvmVerifier; + using InnerG1 = InnerFlavor::Commitment; + using InnerFF = InnerFlavor::FF; + + using Transcript = InnerFlavor::Transcript; + + // Note: removed templating from eccvm one + using RecursiveVerifier = AvmRecursiveVerifier_; + + using OuterBuilder = typename RecursiveFlavor::CircuitBuilder; + using OuterProver = UltraProver_; + using OuterVerifier = UltraVerifier_; + using OuterProverInstance = ProverInstance_; + + static void SetUpTestSuite() { bb::srs::init_crs_factory("../srs_db/ignition"); } + + // Generate an extremely simple avm trace + static AvmCircuitBuilder generate_avm_circuit() + { + AvmTraceBuilder trace_builder(generate_base_public_inputs()); + AvmCircuitBuilder builder; + + trace_builder.op_set(0, 1, 1, AvmMemoryTag::U8); + trace_builder.op_set(0, 1, 2, AvmMemoryTag::U8); + trace_builder.op_add(0, 1, 2, 3, AvmMemoryTag::U8); + trace_builder.op_return(0, 0, 0); + auto trace = trace_builder.finalize(); // Passing true enables a longer trace with lookups + + builder.set_trace(std::move(trace)); + builder.check_circuit(); + vinfo("inner builder - num gates: ", builder.get_num_gates()); + + return builder; + } +}; + +TEST_F(AvmRecursiveTests, recursion) +{ + AvmCircuitBuilder circuit_builder = generate_avm_circuit(); + AvmComposer composer = AvmComposer(); + AvmProver prover = composer.create_prover(circuit_builder); + AvmVerifier verifier = composer.create_verifier(circuit_builder); + + HonkProof proof = prover.construct_proof(); + + auto public_inputs = generate_base_public_inputs(); + std::vector> public_inputs_vec = + bb::avm_trace::copy_public_inputs_columns(public_inputs, {}, {}); + + bool verified = verifier.verify_proof(proof, public_inputs_vec); + ASSERT_TRUE(verified) << "native proof verification failed"; + + // Create the outer verifier, to verify the proof + const std::shared_ptr verification_key = verifier.key; + OuterBuilder outer_circuit; + RecursiveVerifier recursive_verifier{ &outer_circuit, verification_key }; + + auto pairing_points = recursive_verifier.verify_proof(proof); + + bool pairing_points_valid = verification_key->pcs_verification_key->pairing_check(pairing_points[0].get_value(), + pairing_points[1].get_value()); + + ASSERT_TRUE(pairing_points_valid) << "Pairing points are not valid."; + + vinfo("Recursive verifier: num gates = ", outer_circuit.num_gates); + ASSERT_FALSE(outer_circuit.failed()) << "Outer circuit has failed."; + + bool outer_circuit_checked = CircuitChecker::check(outer_circuit); + ASSERT_TRUE(outer_circuit_checked) << "outer circuit check failed"; + + auto manifest = verifier.transcript->get_manifest(); + auto recursive_manifest = recursive_verifier.transcript->get_manifest(); + + EXPECT_EQ(manifest.size(), recursive_manifest.size()); + for (size_t i = 0; i < recursive_manifest.size(); ++i) { + EXPECT_EQ(recursive_manifest[i], manifest[i]); + } + + for (auto const [key_el, rec_key_el] : zip_view(verifier.key->get_all(), recursive_verifier.key->get_all())) { + EXPECT_EQ(key_el, rec_key_el.get_value()); + } + + EXPECT_EQ(verifier.key->circuit_size, recursive_verifier.key->circuit_size); + EXPECT_EQ(verifier.key->num_public_inputs, recursive_verifier.key->num_public_inputs); + + // Make a proof of the verification of an AVM proof + const size_t srs_size = 1 << 23; + auto ultra_instance = std::make_shared( + outer_circuit, TraceStructure::NONE, std::make_shared>(srs_size)); + OuterProver ultra_prover(ultra_instance); + auto ultra_verification_key = std::make_shared(ultra_instance->proving_key); + OuterVerifier ultra_verifier(ultra_verification_key); + + auto recursion_proof = ultra_prover.construct_proof(); + bool recursion_verified = ultra_verifier.verify_proof(recursion_proof); + EXPECT_TRUE(recursion_verified) << "recursion proof verification failed"; +} +} // namespace tests_avm diff --git a/bb-pilcom/bb-pil-backend/src/lookup_builder.rs b/bb-pilcom/bb-pil-backend/src/lookup_builder.rs index b67d8528f81..b6afa095351 100644 --- a/bb-pilcom/bb-pil-backend/src/lookup_builder.rs +++ b/bb-pilcom/bb-pil-backend/src/lookup_builder.rs @@ -109,6 +109,7 @@ pub fn get_counts_from_lookups(lookups: &[Lookup]) -> Vec { fn create_lookup_settings_data(lookup: &Lookup) -> Json { let columns_per_set = lookup.left.cols.len(); + let counts_poly_name = lookup.counts_poly.to_owned(); // NOTE: https://github.com/AztecProtocol/aztec-packages/issues/3879 // Settings are not flexible enough to combine inverses diff --git a/bb-pilcom/bb-pil-backend/templates/flavor.cpp.hbs b/bb-pilcom/bb-pil-backend/templates/flavor.cpp.hbs index dc04e8c37d5..e577691c715 100644 --- a/bb-pilcom/bb-pil-backend/templates/flavor.cpp.hbs +++ b/bb-pilcom/bb-pil-backend/templates/flavor.cpp.hbs @@ -46,13 +46,6 @@ namespace bb { {{/each}} }; -{{name}}Flavor::VerifierCommitments::VerifierCommitments(const std::shared_ptr& verification_key) -{ - {{#each fixed as |item|}} - {{item}} = verification_key->{{item}}; - {{/each}} -} - void {{name}}Flavor::Transcript::deserialize_full_transcript() { size_t num_frs_read = 0; circuit_size = deserialize_from_buffer(proof_data, num_frs_read); diff --git a/bb-pilcom/bb-pil-backend/templates/flavor.hpp.hbs b/bb-pilcom/bb-pil-backend/templates/flavor.hpp.hbs index 416257d5dcd..c0a9924a0f0 100644 --- a/bb-pilcom/bb-pil-backend/templates/flavor.hpp.hbs +++ b/bb-pilcom/bb-pil-backend/templates/flavor.hpp.hbs @@ -67,17 +67,27 @@ class {{name}}Flavor { // The total number of witnesses including shifts and derived entities. static constexpr size_t NUM_ALL_WITNESS_ENTITIES = NUM_WITNESS_ENTITIES + NUM_SHIFTED_ENTITIES; - using MainRelations = std::tuple< + // Need to be templated for recursive verifier + template + using MainRelations_ = std::tuple< // Relations - {{#each relation_file_names as |item|}}{{#if @index}},{{/if}}{{../name}}_vm::{{item}}{{/each}} + {{#each relation_file_names as |item|}}{{#if @index}},{{/if}}{{../name}}_vm::{{item}}{{/each}} >; - using LookupRelations = std::tuple< + using MainRelations = MainRelations_; + + // Need to be templated for recursive verifier + template + using LookupRelations_ = std::tuple< // Lookups - {{#each lookups as |item|}}{{#if @index}},{{/if}}{{item}}_relation{{/each}} + {{#each lookups as |item|}}{{#if @index}},{{/if}}{{item}}_relation{{/each}} >; - using Relations = tuple_cat_t; + using LookupRelations = LookupRelations_; + + // Need to be templated for recursive verifier + template using Relations_ = tuple_cat_t, LookupRelations_>; + using Relations = Relations_; static constexpr size_t MAX_PARTIAL_RELATION_LENGTH = compute_max_partial_relation_length(); @@ -92,79 +102,76 @@ class {{name}}Flavor { static constexpr bool has_zero_row = true; + template class PrecomputedEntities : public PrecomputedEntitiesBase { + public: + using DataType = DataType_; + + DEFINE_FLAVOR_MEMBERS(DataType, PRECOMPUTED_ENTITIES) + + RefVector get_selectors() { return get_all(); } + RefVector get_sigma_polynomials() { return {}; } + RefVector get_id_polynomials() { return {}; } + RefVector get_table_polynomials() { return {}; } + }; + private: - template - class PrecomputedEntities : public PrecomputedEntitiesBase { - public: - using DataType = DataType_; - - DEFINE_FLAVOR_MEMBERS(DataType, PRECOMPUTED_ENTITIES) - - RefVector get_selectors() { return get_all(); } - RefVector get_sigma_polynomials() { return {}; } - RefVector get_id_polynomials() { return {}; } - RefVector get_table_polynomials() { return {}; } - }; - - template - class WireEntities { - public: - DEFINE_FLAVOR_MEMBERS(DataType, WIRE_ENTITIES) - }; - - template - class DerivedWitnessEntities { - public: - DEFINE_FLAVOR_MEMBERS(DataType, DERIVED_WITNESS_ENTITIES) - }; - - template - class ShiftedEntities { - public: - DEFINE_FLAVOR_MEMBERS(DataType, SHIFTED_ENTITIES) - }; - - template - static auto get_to_be_shifted([[maybe_unused]] PrecomputedAndWitnessEntitiesSuperset& entities) { - return RefArray{ TO_BE_SHIFTED(entities) }; - } - - template - class WitnessEntities: public WireEntities, public DerivedWitnessEntities { - public: - DEFINE_COMPOUND_GET_ALL(WireEntities, DerivedWitnessEntities) - auto get_wires() { return WireEntities::get_all(); } - auto get_derived() { return DerivedWitnessEntities::get_all(); } - }; - - template - class AllEntities : public PrecomputedEntities - , public WitnessEntities - , public ShiftedEntities { - public: - DEFINE_COMPOUND_GET_ALL(PrecomputedEntities, WitnessEntities, ShiftedEntities) - - auto get_unshifted() { - return concatenate(PrecomputedEntities::get_all(), WitnessEntities::get_all()); - } - auto get_to_be_shifted() { return {{name}}Flavor::get_to_be_shifted(*this); } - auto get_shifted() { return ShiftedEntities::get_all(); } - auto get_precomputed() { return PrecomputedEntities::get_all(); } - }; + template + class WireEntities { + public: + DEFINE_FLAVOR_MEMBERS(DataType, WIRE_ENTITIES) + }; + + template + class DerivedWitnessEntities { + public: + DEFINE_FLAVOR_MEMBERS(DataType, DERIVED_WITNESS_ENTITIES) + }; + + template + class ShiftedEntities { + public: + DEFINE_FLAVOR_MEMBERS(DataType, SHIFTED_ENTITIES) + }; + + template + static auto get_to_be_shifted([[maybe_unused]] PrecomputedAndWitnessEntitiesSuperset& entities) { + return RefArray{ TO_BE_SHIFTED(entities) }; + } + + public: + template + class WitnessEntities: public WireEntities, public DerivedWitnessEntities { + public: + DEFINE_COMPOUND_GET_ALL(WireEntities, DerivedWitnessEntities) + auto get_wires() { return WireEntities::get_all(); } + auto get_derived() { return DerivedWitnessEntities::get_all(); } + }; + + template + class AllEntities : public PrecomputedEntities + , public WitnessEntities + , public ShiftedEntities { + public: + DEFINE_COMPOUND_GET_ALL(PrecomputedEntities, WitnessEntities, ShiftedEntities) + + auto get_unshifted() { + return concatenate(PrecomputedEntities::get_all(), WitnessEntities::get_all()); + } + auto get_to_be_shifted() { return {{name}}Flavor::get_to_be_shifted(*this); } + auto get_shifted() { return ShiftedEntities::get_all(); } + auto get_precomputed() { return PrecomputedEntities::get_all(); } + }; + + class ProvingKey : public ProvingKeyAvm_, WitnessEntities, CommitmentKey> { + public: + // Expose constructors on the base class + using Base = ProvingKeyAvm_, WitnessEntities, CommitmentKey>; + using Base::Base; + auto get_to_be_shifted() { + return {{name}}Flavor::get_to_be_shifted(*this); + } + }; - public: - class ProvingKey : public ProvingKeyAvm_, WitnessEntities, CommitmentKey> { - public: - // Expose constructors on the base class - using Base = ProvingKeyAvm_, WitnessEntities, CommitmentKey>; - using Base::Base; - - auto get_to_be_shifted() { - return {{name}}Flavor::get_to_be_shifted(*this); - } - }; - - // Note(md): required for instantiation from the proving key - im sure there are other ways to construct this class VerificationKey : public VerificationKey_, VerifierCommitmentKey> { public: VerificationKey() = default; @@ -176,6 +183,7 @@ class {{name}}Flavor { zip_view(proving_key->get_precomputed_polynomials(), this->get_all())) { commitment = proving_key->commitment_key->commit(polynomial); } + pcs_verification_key = std::make_shared(); } VerificationKey(const size_t circuit_size, @@ -186,124 +194,134 @@ class {{name}}Flavor { for (auto [vk_cmt, cmt] : zip_view(this->get_all(), precomputed_cmts)) { vk_cmt = cmt; } + pcs_verification_key = std::make_shared(); } }; - {{!-- Used by sumcheck --}} - class AllValues : public AllEntities { - public: - using Base = AllEntities; - using Base::Base; - }; - - {{!-- Used by get_row, logderivs, etc --}} - class AllConstRefValues { - public: - using BaseDataType = const FF; - using DataType = BaseDataType&; - - {{!-- - We define the flavor members here again to avoid having to make this class inherit from AllEntities. - If we did inherit from AllEntities, we have to define a special constructor for AllEntities, and all - the classes that AllEntities inherits from, in cascade. - --}} - DEFINE_FLAVOR_MEMBERS(DataType, ALL_ENTITIES) - - AllConstRefValues(const RefArray& il); - }; - - /** - * @brief A container for the prover polynomials handles. - */ - class ProverPolynomials : public AllEntities { - public: - // Define all operations as default, except copy construction/assignment - ProverPolynomials() = default; - ProverPolynomials& operator=(const ProverPolynomials&) = delete; - ProverPolynomials(const ProverPolynomials& o) = delete; - ProverPolynomials(ProverPolynomials&& o) noexcept = default; - ProverPolynomials& operator=(ProverPolynomials&& o) noexcept = default; - ~ProverPolynomials() = default; - - ProverPolynomials(ProvingKey& proving_key); - - [[nodiscard]] size_t get_polynomial_size() const { return {{witness.0}}.size(); } - /** - * @brief Returns the evaluations of all prover polynomials at one point on the boolean hypercube, which - * represents one row in the execution trace. - */ - [[nodiscard]] AllConstRefValues get_row(size_t row_idx) const; - }; - - class PartiallyEvaluatedMultivariates : public AllEntities { - public: - PartiallyEvaluatedMultivariates() = default; - PartiallyEvaluatedMultivariates(const size_t circuit_size); - }; - - /** - * @brief A container for univariates used during Protogalaxy folding and sumcheck. - * @details During folding and sumcheck, the prover evaluates the relations on these univariates. - */ - template - using ProverUnivariates = AllEntities>; - - /** - * @brief A container for univariates used during Protogalaxy folding and sumcheck with some of the computation - * optimistically ignored - * @details During folding and sumcheck, the prover evaluates the relations on these univariates. - */ - template - using OptimisedProverUnivariates = AllEntities>; - - /** - * @brief A container for univariates produced during the hot loop in sumcheck. - */ - using ExtendedEdges = ProverUnivariates; - - /** - * @brief A container for the witness commitments. - * - */ - using WitnessCommitments = WitnessEntities; - - class CommitmentLabels: public AllEntities { - private: - using Base = AllEntities; + {{!-- Used by sumcheck --}} + class AllValues : public AllEntities { + public: + using Base = AllEntities; + using Base::Base; + }; - public: - CommitmentLabels(); - }; + {{!-- Used by get_row, logderivs, etc --}} + class AllConstRefValues { + public: + using BaseDataType = const FF; + using DataType = BaseDataType&; - class VerifierCommitments : public AllEntities { - private: - using Base = AllEntities; + {{!-- + We define the flavor members here again to avoid having to make this class inherit from AllEntities. + If we did inherit from AllEntities, we have to define a special constructor for AllEntities, and all + the classes that AllEntities inherits from, in cascade. + --}} + DEFINE_FLAVOR_MEMBERS(DataType, ALL_ENTITIES) + + AllConstRefValues(const RefArray& il); + }; + + /** + * @brief A container for the prover polynomials handles. + */ + class ProverPolynomials : public AllEntities { + public: + // Define all operations as default, except copy construction/assignment + ProverPolynomials() = default; + ProverPolynomials& operator=(const ProverPolynomials&) = delete; + ProverPolynomials(const ProverPolynomials& o) = delete; + ProverPolynomials(ProverPolynomials&& o) noexcept = default; + ProverPolynomials& operator=(ProverPolynomials&& o) noexcept = default; + ~ProverPolynomials() = default; + + ProverPolynomials(ProvingKey& proving_key); + + [[nodiscard]] size_t get_polynomial_size() const { return {{witness.0}}.size(); } + /** + * @brief Returns the evaluations of all prover polynomials at one point on the boolean hypercube, which + * represents one row in the execution trace. + */ + [[nodiscard]] AllConstRefValues get_row(size_t row_idx) const; + }; + class PartiallyEvaluatedMultivariates : public AllEntities { public: - VerifierCommitments(const std::shared_ptr& verification_key); - }; + PartiallyEvaluatedMultivariates() = default; + PartiallyEvaluatedMultivariates(const size_t circuit_size); + }; + + /** + * @brief A container for univariates used during Protogalaxy folding and sumcheck. + * @details During folding and sumcheck, the prover evaluates the relations on these univariates. + */ + template + using ProverUnivariates = AllEntities>; + + /** + * @brief A container for univariates used during Protogalaxy folding and sumcheck with some of the computation + * optimistically ignored + * @details During folding and sumcheck, the prover evaluates the relations on these univariates. + */ + template + using OptimisedProverUnivariates = AllEntities>; + + /** + * @brief A container for univariates produced during the hot loop in sumcheck. + */ + using ExtendedEdges = ProverUnivariates; + + /** + * @brief A container for the witness commitments. + * + */ + using WitnessCommitments = WitnessEntities; + + class CommitmentLabels: public AllEntities { + private: + using Base = AllEntities; - class Transcript : public NativeTranscript { public: - uint32_t circuit_size; + CommitmentLabels(); + }; - std::array commitments; + // Templated for use in recursive verifier + template + class VerifierCommitments_ : public AllEntities { + private: + using Base = AllEntities; - std::vector> sumcheck_univariates; - std::array sumcheck_evaluations; - std::vector zm_cq_comms; - Commitment zm_cq_comm; - Commitment zm_pi_comm; + public: + VerifierCommitments_(const std::shared_ptr& verification_key) { + {{#each fixed as |item|}} + this->{{item}} = verification_key->{{item}}; + {{/each}} + } + }; - Transcript() = default; + // Native version of the verifier commitments + using VerifierCommitments = VerifierCommitments_; - Transcript(const std::vector& proof) - : NativeTranscript(proof) - {} + class Transcript : public NativeTranscript { + public: + uint32_t circuit_size; + + std::array commitments; + + std::vector> sumcheck_univariates; + std::array sumcheck_evaluations; + std::vector zm_cq_comms; + Commitment zm_cq_comm; + Commitment zm_pi_comm; - void deserialize_full_transcript(); - void serialize_full_transcript(); - }; + Transcript() = default; + + Transcript(const std::vector& proof) + : NativeTranscript(proof) + {} + + void deserialize_full_transcript(); + void serialize_full_transcript(); + }; }; } // namespace bb diff --git a/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs b/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs index 9fa328e47b2..dbb2ad78685 100644 --- a/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs +++ b/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs @@ -15,13 +15,11 @@ namespace bb { {{name}}Verifier::{{name}}Verifier({{name}}Verifier&& other) noexcept : key(std::move(other.key)) - , pcs_verification_key(std::move(other.pcs_verification_key)) {} {{name}}Verifier& {{name}}Verifier::operator=({{name}}Verifier&& other) noexcept { key = other.key; - pcs_verification_key = other.pcs_verification_key; commitments.clear(); return *this; } @@ -124,11 +122,11 @@ bool {{name}}Verifier::verify_proof(const HonkProof& proof, [[maybe_unused]] con claimed_evaluations.get_unshifted(), claimed_evaluations.get_shifted(), multivariate_challenge, - pcs_verification_key.get_g1_identity(), + key->pcs_verification_key->get_g1_identity(), transcript); auto pairing_points = PCS::reduce_verify(opening_claim, transcript); - auto verified = pcs_verification_key.pairing_check(pairing_points[0], pairing_points[1]); + auto verified = key->pcs_verification_key->pairing_check(pairing_points[0], pairing_points[1]); return sumcheck_verified.value() && verified; } diff --git a/bb-pilcom/bb-pil-backend/templates/verifier.hpp.hbs b/bb-pilcom/bb-pil-backend/templates/verifier.hpp.hbs index 05514fbb9e4..951ea0b4275 100644 --- a/bb-pilcom/bb-pil-backend/templates/verifier.hpp.hbs +++ b/bb-pilcom/bb-pil-backend/templates/verifier.hpp.hbs @@ -16,7 +16,7 @@ class {{name}}Verifier { using Transcript = Flavor::Transcript; public: - explicit {{name}}Verifier(std::shared_ptr verifier_key = nullptr); + explicit {{name}}Verifier(std::shared_ptr verifier_key); {{name}}Verifier({{name}}Verifier&& other) noexcept; {{name}}Verifier(const {{name}}Verifier& other) = delete; @@ -27,7 +27,6 @@ class {{name}}Verifier { std::shared_ptr key; std::map commitments; - VerifierCommitmentKey pcs_verification_key; std::shared_ptr transcript; };